Threat and Vulnerability Management App

Protect critical data and assets against multiple threats

Reduction in the number of man-days required to manage a scaled up level of vulnerability management

*Source: Customer responses and GRC Journey Business Value Calculator

Threat and Vulnerability Management App

The MetricStream Threat and Vulnerability Management App enables effective management of IT security by proactively aggregating and correlating threats and vulnerabilities across information assets. The app integrates with multiple end-point IT security and infrastructure management tools and security intelligence feeds to identify and prioritize the risk exposure for IT assets. It also streamlines the remediation process.

The MetricStream Threat and Vulnerability Management App enables a systematic approach to identifying, prioritizing, and remediating information security threats and vulnerabilities in business critical information technology assets and applications.

Features

Centralized Asset Repository

Consolidate IT assets into a common library leveraging out-of-the-box connectors with a Configuration Management Database (CMDB) such as BMC Atrium and ServiceNow. Map IT assets to business entities, threats, and vulnerabilities. Manage and view these relationships in the form of data explorer and data browser.

Vulnerability Consolidation and Prioritization

Import vulnerability data from multiple third-party vulnerability scanning tools such as QualysGuard and Nessus. Generate a combined risk rating across each asset’s vulnerability and business context. Prioritize the vulnerability remediation strategies based on the risk rating. Orchestrate the remediation process workflow using predefined templates and rules.

Subscription to Threat Feeds

Monitor the threat landscape, zero-day advisories, and threat bulletins. Subscribe to RSS or e-mail based threat alerts from leading industry source, and filter threat alerts based on the key words.

Issue Management and Remediation

Identity and document the issues arising from threat and vulnerability management. Define the vulnerability remediation rules to auto-detect vulnerability patterns among assets and to auto-trigger remediation of issues or incidents. Automatically route incidents from threat and vulnerability app into BMC Remedy and ServiceNow.

Prioritize and assign resources for investigation and remediation with an underlying workflow and collaboration engine. Define an action plan, and track the remediation process and issues to closure.

Analyst Report

Business Value

As information security attacks grow more numerous and sophisticated, the best defense for companies is to act quickly in identifying and resolving threats and vulnerabilities before they spiral out of control. However, with multiple siloed vulnerability assessment tools across the enterprise, it can be challenging to get a clear and timely picture of your risks.

The MetricStream Security Threat and Vulnerability Management Solution provides a common point of reference to integrate threats and vulnerabilities from a range of enterprise devices and external threat feeds such as US-CERT and NIST. You get the threat intelligence you need in one place to make quick and informed decisions. In addition, the solution enables you to proactively and efficiently resolve all threats.